[Rt-commit] rt branch, 3.999-trunk, updated. 4573b44f6388b846af1e8d7ca684619608efd458

clkao at bestpractical.com clkao at bestpractical.com
Wed Nov 4 06:54:49 EST 2009


The branch, 3.999-trunk has been updated
       via  4573b44f6388b846af1e8d7ca684619608efd458 (commit)
       via  df7e0028e475e9a67aaa6e31706d90def1bf0f0f (commit)
       via  bf4abde12098afea3fc88511e343d9da7a3b68a7 (commit)
       via  cbe6e77512db32c60fcc6fad8106168d0f0b6b7b (commit)
       via  1a03a8fe3a3b44ab7b9be7cfd2ffcc93f97aef92 (commit)
       via  4da8f81e6b2058479c4dd45530aa708c297300cb (commit)
       via  6a2767a22ce699e8d4bb4e109f5641aa3fe844fe (commit)
       via  78d207155f249c919e01ad8f401ab63e0ff8af65 (commit)
       via  b79544d8662f204f20fbcffc020f075f6acaa710 (commit)
      from  f49b2a60087a86c1c081f46b866a09c2c26a298a (commit)

Summary of changes:
 etc/initialdata                      |    8 +-
 lib/RT/Crypt/GnuPG.pm                |  152 +++++++++-------------------------
 lib/RT/Interface/Email.pm            |   24 ++---
 lib/RT/Interface/Email/Auth/GnuPG.pm |   25 +++++-
 lib/RT/Model/Attachment.pm           |    2 +-
 t/mail/gnupg-reverification.t        |   37 ++++++--
 6 files changed, 104 insertions(+), 144 deletions(-)

- Log -----------------------------------------------------------------
commit b79544d8662f204f20fbcffc020f075f6acaa710
Author: Chia-liang Kao <clkao at bestpractical.com>
Date:   Wed Nov 4 17:01:29 2009 +0800

    refactor _res_post_process.

diff --git a/lib/RT/Crypt/GnuPG.pm b/lib/RT/Crypt/GnuPG.pm
index 8b3deed..f6b92fe 100644
--- a/lib/RT/Crypt/GnuPG.pm
+++ b/lib/RT/Crypt/GnuPG.pm
@@ -397,6 +397,19 @@ Returns a hash with the following keys:
 
 =cut
 
+sub _res_post_process {
+    my ($res, $handle) = @_;
+
+    foreach (qw(stderr logger status)) {
+        $res->{$_} = do { local $/; readline $handle->{$_} };
+        delete $res->{$_} unless $res->{$_} && $res->{$_} =~ /\S/s;
+        close $handle->{$_};
+    }
+    Jifty->log->debug( $res->{'status'} )   if $res->{'status'};
+    Jifty->log->warn( $res->{'stderr'} ) if $res->{'stderr'};
+    Jifty->log->error( $res->{'logger'} )   if $res->{'logger'} && $?;
+}
+
 sub sign_encrypt {
     my %args = (@_);
 
@@ -492,14 +505,7 @@ sub sign_encrypt_rfc3156 {
         close $handle{'stdout'};
 
         $res{'exit_code'} = $?;
-        foreach (qw(stderr logger status)) {
-            $res{$_} = do { local $/; readline $handle{$_} };
-            delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-            close $handle{$_};
-        }
-        Jifty->log->debug( $res{'status'} )   if $res{'status'};
-        Jifty->log->warn( $res{'stderr'} ) if $res{'stderr'};
-        Jifty->log->error( $res{'logger'} )   if $res{'logger'} && $?;
+        _res_post_process(\%res, \%handle);
         if ( $err || $res{'exit_code'} ) {
             $res{'message'}
                 = $err
@@ -551,14 +557,7 @@ sub sign_encrypt_rfc3156 {
         };
 
         $res{'exit_code'} = $?;
-        foreach (qw(stderr logger status)) {
-            $res{$_} = do { local $/; readline $handle{$_} };
-            delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-            close $handle{$_};
-        }
-        Jifty->log->debug( $res{'status'} )   if $res{'status'};
-        Jifty->log->warn( $res{'stderr'} ) if $res{'stderr'};
-        Jifty->log->error( $res{'logger'} )   if $res{'logger'} && $?;
+        _res_post_process(\%res, \%handle);
         if ( $@ || $? ) {
             $res{'message'} =
               $@ ? $@ : "gpg exited with error code " . ( $? >> 8 );
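Review bot: The `if ( $@ || $? )` check directly after the new `_res_post_process(\%res, \%handle);` call reads both globals only after the helper has closed three handles and possibly called the logger, either of which may have changed them. `$res{'exit_code'}` already holds the saved status two lines above, and the other call sites in this commit test `$err || $res{'exit_code'}`; saving `my $err = $@;` before the call and testing `if ( $err || $res{'exit_code'} )` would make this one consistent with them. The same pattern follows the helper call in the verify_attachment, verify_rfc3156 and get_keys_info hunks. The enclosing sub starts and ends outside the hunk.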
@@ -677,15 +676,7 @@ sub _sign_encrypt_text_inline {
     };
     $res{'exit_code'} = $?;
     my $err = $@;
-
-    foreach (qw(stderr logger status)) {
-        $res{$_} = do { local $/; readline $handle{$_} };
-        delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-        close $handle{$_};
-    }
-    Jifty->log->debug( $res{'status'} )   if $res{'status'};
-    Jifty->log->warn( $res{'stderr'} ) if $res{'stderr'};
-    Jifty->log->error( $res{'logger'} )   if $res{'logger'} && $?;
+    _res_post_process(\%res, \%handle);
     if ( $err || $res{'exit_code'} ) {
         $res{'message'}
             = $err
@@ -768,15 +759,7 @@ sub sign_encrypt_attachment_inline {
     };
     $res{'exit_code'} = $?;
     my $err = $@;
-
-    foreach (qw(stderr logger status)) {
-        $res{$_} = do { local $/; readline $handle{$_} };
-        delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-        close $handle{$_};
-    }
-    Jifty->log->debug( $res{'status'} )   if $res{'status'};
-    Jifty->log->warn( $res{'stderr'} ) if $res{'stderr'};
-    Jifty->log->error( $res{'logger'} )   if $res{'logger'} && $?;
+    _res_post_process(\%res, \%handle);
     if ( $err || $res{'exit_code'} ) {
         $res{'message'}
             = $err
@@ -872,15 +855,7 @@ sub sign_encrypt_content {
     };
     $res{'exit_code'} = $?;
     my $err = $@;
-
-    foreach (qw(stderr logger status)) {
-        $res{$_} = do { local $/; readline $handle{$_} };
-        delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-        close $handle{$_};
-    }
-    Jifty->log->debug( $res{'status'} )   if $res{'status'};
-    Jifty->log->warn( $res{'stderr'} ) if $res{'stderr'};
-    Jifty->log->error( $res{'logger'} )   if $res{'logger'} && $?;
+    _res_post_process(\%res, \%handle);
     if ( $err || $res{'exit_code'} ) {
         $res{'message'}
             = $err
@@ -1101,14 +1076,7 @@ sub verify_attachment {
         waitpid $pid, 0;
     };
     $res{'exit_code'} = $?;
-    foreach (qw(stderr logger status)) {
-        $res{$_} = do { local $/; readline $handle{$_} };
-        delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-        close $handle{$_};
-    }
-    Jifty->log->debug( $res{'status'} )   if $res{'status'};
-    Jifty->log->warn( $res{'stderr'} ) if $res{'stderr'};
-    Jifty->log->error( $res{'logger'} )   if $res{'logger'} && $?;
+    _res_post_process(\%res, \%handle);
     if ( $@ || $? ) {
         $res{'message'} = $@ ? $@ : "gpg exitted with error code " . ( $? >> 8 );
     }
@@ -1148,14 +1116,7 @@ sub verify_rfc3156 {
         waitpid $pid, 0;
     };
     $res{'exit_code'} = $?;
-    foreach (qw(stderr logger status)) {
-        $res{$_} = do { local $/; readline $handle{$_} };
-        delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-        close $handle{$_};
-    }
-    Jifty->log->debug( $res{'status'} )   if $res{'status'};
-    Jifty->log->warn( $res{'stderr'} ) if $res{'stderr'};
-    Jifty->log->error( $res{'logger'} )   if $res{'logger'} && $?;
+    _res_post_process(\%res, \%handle);
     if ( $@ || $? ) {
         $res{'message'} = $@ ? $@ : "gpg exitted with error code " . ( $? >> 8 );
     }
@@ -1212,14 +1173,7 @@ sub decrypt_rfc3156 {
         waitpid $pid, 0;
     };
     $res{'exit_code'} = $?;
-    foreach (qw(stderr logger status)) {
-        $res{$_} = do { local $/; readline $handle{$_} };
-        delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-        close $handle{$_};
-    }
-    Jifty->log->debug( $res{'status'} )   if $res{'status'};
-    Jifty->log->warn( $res{'stderr'} ) if $res{'stderr'};
-    Jifty->log->error( $res{'logger'} )   if $res{'logger'} && $?;
+    _res_post_process(\%res, \%handle);
 
     # if the decryption is fine but the signature is bad, then without this
     # status check we lose the decrypted text
@@ -1349,14 +1303,7 @@ sub _decrypt_inline_block {
         waitpid $pid, 0;
     };
     $res{'exit_code'} = $?;
-    foreach ( qw(stderr logger status) ) {
-        $res{$_} = do { local $/; readline $handle{$_} };
-        delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-        close $handle{$_};
-    }
-    Jifty->log->debug( $res{'status'} ) if $res{'status'};
-    Jifty->log->warning( $res{'stderr'} ) if $res{'stderr'};
-    Jifty->log->error( $res{'logger'} ) if $res{'logger'} && $?;
+    _res_post_process(\%res, \%handle);
 
     # if the decryption is fine but the signature is bad, then without this
     # status check we lose the decrypted text
@@ -1459,14 +1406,7 @@ sub decrypt_content {
         waitpid $pid, 0;
     };
     $res{'exit_code'} = $?;
-    foreach (qw(stderr logger status)) {
-        $res{$_} = do { local $/; readline $handle{$_} };
-        delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-        close $handle{$_};
-    }
-    Jifty->log->debug( $res{'status'} )   if $res{'status'};
-    Jifty->log->warn( $res{'stderr'} ) if $res{'stderr'};
-    Jifty->log->error( $res{'logger'} )   if $res{'logger'} && $?;
+    _res_post_process(\%res, \%handle);
 
     # if the decryption is fine but the signature is bad, then without this
     # status check we lose the decrypted text
@@ -2067,14 +2007,7 @@ sub get_keys_info {
     close $handle{'stdout'};
 
     $res{'exit_code'} = $?;
-    foreach (qw(stderr logger status)) {
-        $res{$_} = do { local $/; readline $handle{$_} };
-        delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-        close $handle{$_};
-    }
-    Jifty->log->debug( $res{'status'} )   if $res{'status'};
-    Jifty->log->warn( $res{'stderr'} ) if $res{'stderr'};
-    Jifty->log->error( $res{'logger'} )   if $res{'logger'} && $?;
+    _res_post_process(\%res, \%handle);
     if ( $@ || $? ) {
         $res{'message'} = $@ ? $@ : "gpg exitted with error code " . ( $? >> 8 );
         return %res;
@@ -2264,14 +2197,7 @@ sub delete_key {
 
     my %res;
     $res{'exit_code'} = $?;
-    foreach (qw(stderr logger status)) {
-        $res{$_} = do { local $/; readline $handle{$_} };
-        delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-        close $handle{$_};
-    }
-    Jifty->log->debug( $res{'status'} )   if $res{'status'};
-    Jifty->log->warn( $res{'stderr'} ) if $res{'stderr'};
-    Jifty->log->error( $res{'logger'} )   if $res{'logger'} && $?;
+    _res_post_process(\%res, \%handle);
     if ( $err || $res{'exit_code'} ) {
         $res{'message'}
             = $err
@@ -2309,14 +2235,7 @@ sub import_key {
 
     my %res;
     $res{'exit_code'} = $?;
-    foreach (qw(stderr logger status)) {
-        $res{$_} = do { local $/; readline $handle{$_} };
-        delete $res{$_} unless $res{$_} && $res{$_} =~ /\S/s;
-        close $handle{$_};
-    }
-    Jifty->log->debug( $res{'status'} )   if $res{'status'};
-    Jifty->log->warn( $res{'stderr'} ) if $res{'stderr'};
-    Jifty->log->error( $res{'logger'} )   if $res{'logger'} && $?;
+    _res_post_process(\%res, \%handle);
     if ( $err || $res{'exit_code'} ) {
         $res{'message'}
             = $err

commit 78d207155f249c919e01ad8f401ab63e0ff8af65
Author: Chia-liang Kao <clkao at bestpractical.com>
Date:   Wed Nov 4 18:07:40 2009 +0800

    gpg error message tweaks.

diff --git a/etc/initialdata b/etc/initialdata
index e0eb4f5..6ae81eb 100755
--- a/etc/initialdata
+++ b/etc/initialdata
@@ -387,9 +387,9 @@ This is forward of transaction #{ $transaction->id } of a ticket #{ $ticket->id
        name        => "Error: public key",    # loc
        description =>
          "Inform user that he has problems with public key and couldn't recieve encrypted content", # loc
-       content => q{Subject: We have no your public key or it's wrong
+       content => q{Subject: We do not have your public key or it's wrong
 
-You received this message as we have no your public PGP key or we have a problem with your key. Inform the administrator about the problem.
+You received this message as we do not have your public PGP key or we have a problem with your key. Inform the administrator about the problem.
 }
     },
     {  queue       => 0,
@@ -400,8 +400,8 @@ You received this message as we have no your public PGP key or we have a problem
 
 You received this message as RT has problems with public keys of the following user:
 {
-    foreach my $e ( @BadRecipients ) {
-        $OUT .= "* ". $e->{'Message'} ."\n";
+    foreach my $e ( @bad_recipients ) {
+        $OUT .= "* ". $e->{'message'} ."\n";
     }
 }}
     },

commit 6a2767a22ce699e8d4bb4e109f5641aa3fe844fe
Author: Chia-liang Kao <clkao at bestpractical.com>
Date:   Wed Nov 4 18:08:44 2009 +0800

    Fix RT::Crypt::GnuPG api argument usage.

diff --git a/lib/RT/Interface/Email.pm b/lib/RT/Interface/Email.pm
index f6e772b..80fa793 100755
--- a/lib/RT/Interface/Email.pm
+++ b/lib/RT/Interface/Email.pm
@@ -500,7 +500,7 @@ sub prepare_email_using_template {
     return $template;
 }
 
-=head2 send_email_using_template template => '', arguments => {}, From => correspond_address, To => '', Cc => '', Bcc => ''
+=head2 send_email_using_template template => '', arguments => {}, From => correspond_address, to => '', cc => '', bcc => ''
 
 Sends email using a template, takes name of template, arguments for it and recipients.
 
@@ -527,10 +527,9 @@ sub send_email_using_template {
         return -1;
     }
 
-    $mail->head->set( $_ => $args{$_} ) foreach grep defined $args{$_}, qw(To Cc Bcc From);
+    $mail->head->set( ucfirst($_) => $args{$_} ) foreach grep defined $args{$_}, qw(to cc bcc from);
 
     set_in_reply_to( message => $mail, in_reply_to => $args{'in_reply_to'} );
-
     return send_email( entity => $mail );
 }
 
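Review bot: The new list `qw(to cc bcc from)` means only a lowercase `from` argument is copied into the header, but the `=head2` line changed in the previous hunk still documents `From => correspond_address`. A caller following the POD would pass `From` and, as far as this hunk shows, get no From header from it. Either the POD should read `from => correspond_address` or the sub should keep accepting `From`; the argument defaults are outside the hunk, so confirm which spelling they declare.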
@@ -681,34 +680,31 @@ sub sign_encrypt {
     Jifty->log->debug("$msgid Encrypting message") if $args{'encrypt'};
 
     require RT::Crypt::GnuPG;
-    my %res = RT::Crypt::GnuPG::sign_encrypt(%args);
+    my %res = RT::Crypt::GnuPG::sign_encrypt(%args, quiet => 1);
     return 1 unless $res{'exit_code'};
-
     my @status = RT::Crypt::GnuPG::parse_status( $res{'status'} );
-
     my @bad_recipients;
     foreach my $line (@status) {
-
         # if the passphrase fails, either you have a bad passphrase
         # or gpg-agent has died.  That should get caught in Create and
         # Update, but at least throw an error here
-        if ( ( $line->{'Operation'} || '' ) eq 'PassphraseCheck' 
-            && $line->{'Status'} =~ /^(?:BAD|MISSING)$/ )
+        if ( ( $line->{'operation'} || '' ) eq 'passphrase_check' 
+            && $line->{'status'} =~ /^(?:BAD|MISSING)$/ )
         {
-            Jifty->log->error("$line->{'Status'} PASSPHRASE: $line->{'message'}");
+            Jifty->log->error("$line->{'status'} PASSPHRASE: $line->{'message'}");
             return 0;
         }
-        next unless ( $line->{'Operation'} || '' ) eq 'RecipientsCheck';
-        next if $line->{'Status'} eq 'DONE';
+        next unless ( $line->{'operation'} || '' ) eq 'recipients_check';
+        next if $line->{'status'} eq 'DONE';
         Jifty->log->error( $line->{'message'} );
         push @bad_recipients, $line;
     }
     return 0 unless @bad_recipients;
 
-    $_->{'address_obj'} = ( Email::Address->parse( $_->{'Recipient'} ) )[0] foreach @bad_recipients;
+    $_->{'address_obj'} = ( Email::Address->parse( $_->{'recipient'} ) )[0] foreach @bad_recipients;
 
     foreach my $recipient (@bad_recipients) {
-        my $status = send_email_using_template(
+        my ($status, $msg) = send_email_using_template(
             to        => $recipient->{'address_obj'}->address,
             template  => 'Error: public key',
             arguments => {
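Review bot: Passing `quiet => 1` while keeping `return 0 unless @bad_recipients;` leaves a path on which a failed gpg run is recorded nowhere: a non-zero `exit_code` whose status lines contain neither a failing `passphrase_check` nor a `recipients_check` entry returns 0 without a single log call. Assuming `quiet` suppresses the logging inside RT::Crypt::GnuPG, as the later commit on this page implements, I would log before that return, e.g. `Jifty->log->error( $res{'stderr'} ) if !@bad_recipients && $res{'stderr'};`. The new `my ($status, $msg)` also introduces `$msg`, which the `return -1;` path of send_email_using_template would leave undefined; the rest of the loop lies outside the hunk, so check how it is used there.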
diff --git a/lib/RT/Model/Attachment.pm b/lib/RT/Model/Attachment.pm
index 73f84bf..9d83c60 100755
--- a/lib/RT/Model/Attachment.pm
+++ b/lib/RT/Model/Attachment.pm
@@ -670,7 +670,7 @@ sub encrypt {
         content    => \$content,
         sign       => 0,
         encrypt    => 1,
-        Recipients => [$encrypt_for],
+        recipients => [$encrypt_for],
     );
     if ( $res{'exit_code'} ) {
         return ( 0, _('GnuPG error. Contact with administrator') );

commit 4da8f81e6b2058479c4dd45530aa708c297300cb
Author: Chia-liang Kao <clkao at bestpractical.com>
Date:   Wed Nov 4 18:09:32 2009 +0800

    Allow quiet option if the caller to gnupg wants to handle errors by themselves.

diff --git a/lib/RT/Crypt/GnuPG.pm b/lib/RT/Crypt/GnuPG.pm
index f6b92fe..e72842e 100644
--- a/lib/RT/Crypt/GnuPG.pm
+++ b/lib/RT/Crypt/GnuPG.pm
@@ -398,16 +398,20 @@ Returns a hash with the following keys:
 =cut
 
 sub _res_post_process {
-    my ($res, $handle) = @_;
+    my ($res, $handle, $args) = @_;
 
     foreach (qw(stderr logger status)) {
         $res->{$_} = do { local $/; readline $handle->{$_} };
         delete $res->{$_} unless $res->{$_} && $res->{$_} =~ /\S/s;
         close $handle->{$_};
     }
-    Jifty->log->debug( $res->{'status'} )   if $res->{'status'};
-    Jifty->log->warn( $res->{'stderr'} ) if $res->{'stderr'};
-    Jifty->log->error( $res->{'logger'} )   if $res->{'logger'} && $?;
+    return if $args->{quiet};
+    Jifty->log->debug( $res->{'status'} )
+        if $res->{'status'};
+    Jifty->log->warn( $res->{'stderr'} )
+        if $res->{'stderr'};
+    Jifty->log->error( $res->{'logger'} )
+        if $res->{'logger'} && $res->{'exit_code'};
 }
 
 sub sign_encrypt {
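Review bot: `_res_post_process` has no comment describing its three arguments or what `quiet` suppresses, and it sits between the POD block that ends at `=cut` and `sub sign_encrypt`, which that POD appears to document. With `return if $args->{quiet};` every log call is skipped, including the `error` call for a non-zero exit code, so a caller that passes `quiet` must log or act on `$res->{stderr}` and `$res->{logger}` itself or gpg failures disappear from the logs. I would add above the sub a comment such as `# Slurps gpg's stderr/logger/status handles into %$res, closes them, and logs them unless $args->{quiet}; quiet callers must report failures themselves.` and move the helper so the POD stays adjacent to `sign_encrypt`.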
@@ -505,7 +509,7 @@ sub sign_encrypt_rfc3156 {
         close $handle{'stdout'};
 
         $res{'exit_code'} = $?;
-        _res_post_process(\%res, \%handle);
+        _res_post_process(\%res, \%handle, \%args);
         if ( $err || $res{'exit_code'} ) {
             $res{'message'}
                 = $err
@@ -557,7 +561,7 @@ sub sign_encrypt_rfc3156 {
         };
 
         $res{'exit_code'} = $?;
-        _res_post_process(\%res, \%handle);
+        _res_post_process(\%res, \%handle, \%args);
         if ( $@ || $? ) {
             $res{'message'} =
               $@ ? $@ : "gpg exited with error code " . ( $? >> 8 );
@@ -676,7 +680,7 @@ sub _sign_encrypt_text_inline {
     };
     $res{'exit_code'} = $?;
     my $err = $@;
-    _res_post_process(\%res, \%handle);
+    _res_post_process(\%res, \%handle, \%args);
     if ( $err || $res{'exit_code'} ) {
         $res{'message'}
             = $err
@@ -759,7 +763,7 @@ sub sign_encrypt_attachment_inline {
     };
     $res{'exit_code'} = $?;
     my $err = $@;
-    _res_post_process(\%res, \%handle);
+    _res_post_process(\%res, \%handle, \%args);
     if ( $err || $res{'exit_code'} ) {
         $res{'message'}
             = $err
@@ -855,7 +859,7 @@ sub sign_encrypt_content {
     };
     $res{'exit_code'} = $?;
     my $err = $@;
-    _res_post_process(\%res, \%handle);
+    _res_post_process(\%res, \%handle, \%args);
     if ( $err || $res{'exit_code'} ) {
         $res{'message'}
             = $err
@@ -1002,22 +1006,23 @@ sub find_protected_parts {
 =cut
 
 sub verify_decrypt {
-    my %args = ( entity => undef, detach => 1, @_ );
+    my %args = ( entity => undef, detach => 1, quiet => 0, @_ );
     my @protected = find_protected_parts( entity => $args{'entity'} );
     my @res;
+    my $quiet = $args{quiet};
 
     # XXX: detaching may brake nested signatures
     foreach my $item ( grep $_->{'type'} eq 'signed', @protected ) {
         if ( $item->{'format'} eq 'RFC3156' ) {
-            push @res, { verify_rfc3156(%$item) };
+            push @res, { verify_rfc3156(%$item, quiet => $quiet) };
             if ( $args{'detach'} ) {
                 $item->{'top'}->parts( [ $item->{'data'} ] );
                 $item->{'top'}->make_singlepart;
             }
         } elsif ( $item->{'format'} eq 'inline' ) {
-            push @res, { verify_inline(%$item) };
+            push @res, { verify_inline(%$item, quiet => $quiet) };
         } elsif ( $item->{'format'} eq 'attachment' ) {
-            push @res, { verify_attachment(%$item) };
+            push @res, { verify_attachment(%$item, quiet => $quiet) };
             if ( $args{'detach'} ) {
                 $item->{'top'}->parts( [ grep "$_" ne $item->{'signature'}, $item->{'top'}->parts ] );
                 $item->{'top'}->make_singlepart;
@@ -1026,11 +1031,11 @@ sub verify_decrypt {
     }
     foreach my $item ( grep $_->{'type'} eq 'encrypted', @protected ) {
         if ( $item->{'format'} eq 'RFC3156' ) {
-            push @res, { decrypt_rfc3156(%$item) };
+            push @res, { decrypt_rfc3156(%$item, quiet => $quiet) };
         } elsif ( $item->{'format'} eq 'inline' ) {
-            push @res, { decrypt_inline(%$item) };
+            push @res, { decrypt_inline(%$item, quiet => $quiet) };
         } elsif ( $item->{'format'} eq 'attachment' ) {
-            push @res, { decrypt_attachment(%$item) };
+            push @res, { decrypt_attachment(%$item, quiet => $quiet) };
 
             #            if ( $args{'Detach'} ) {
             #                $item->{'top'}->parts( [ grep "$_" ne $item->{'signature'}, $item->{'top'}->parts ] );
@@ -1076,7 +1081,7 @@ sub verify_attachment {
         waitpid $pid, 0;
     };
     $res{'exit_code'} = $?;
-    _res_post_process(\%res, \%handle);
+    _res_post_process(\%res, \%handle, \%args);
     if ( $@ || $? ) {
         $res{'message'} = $@ ? $@ : "gpg exitted with error code " . ( $? >> 8 );
     }
@@ -1116,7 +1121,7 @@ sub verify_rfc3156 {
         waitpid $pid, 0;
     };
     $res{'exit_code'} = $?;
-    _res_post_process(\%res, \%handle);
+    _res_post_process(\%res, \%handle, \%args);
     if ( $@ || $? ) {
         $res{'message'} = $@ ? $@ : "gpg exitted with error code " . ( $? >> 8 );
     }
@@ -1173,7 +1178,7 @@ sub decrypt_rfc3156 {
         waitpid $pid, 0;
     };
     $res{'exit_code'} = $?;
-    _res_post_process(\%res, \%handle);
+    _res_post_process(\%res, \%handle, \%args);
 
     # if the decryption is fine but the signature is bad, then without this
     # status check we lose the decrypted text
@@ -1303,7 +1308,7 @@ sub _decrypt_inline_block {
         waitpid $pid, 0;
     };
     $res{'exit_code'} = $?;
-    _res_post_process(\%res, \%handle);
+    _res_post_process(\%res, \%handle, \%args);
 
     # if the decryption is fine but the signature is bad, then without this
     # status check we lose the decrypted text
@@ -1406,7 +1411,7 @@ sub decrypt_content {
         waitpid $pid, 0;
     };
     $res{'exit_code'} = $?;
-    _res_post_process(\%res, \%handle);
+    _res_post_process(\%res, \%handle, \%args);
 
     # if the decryption is fine but the signature is bad, then without this
     # status check we lose the decrypted text
@@ -2007,7 +2012,7 @@ sub get_keys_info {
     close $handle{'stdout'};
 
     $res{'exit_code'} = $?;
-    _res_post_process(\%res, \%handle);
+    _res_post_process(\%res, \%handle, {});
     if ( $@ || $? ) {
         $res{'message'} = $@ ? $@ : "gpg exitted with error code " . ( $? >> 8 );
         return %res;
@@ -2197,7 +2202,7 @@ sub delete_key {
 
     my %res;
     $res{'exit_code'} = $?;
-    _res_post_process(\%res, \%handle);
+    _res_post_process(\%res, \%handle, {});
     if ( $err || $res{'exit_code'} ) {
         $res{'message'}
             = $err
@@ -2235,7 +2240,7 @@ sub import_key {
 
     my %res;
     $res{'exit_code'} = $?;
-    _res_post_process(\%res, \%handle);
+    _res_post_process(\%res, \%handle, {});
     if ( $err || $res{'exit_code'} ) {
         $res{'message'}
             = $err

commit 1a03a8fe3a3b44ab7b9be7cfd2ffcc93f97aef92
Author: Chia-liang Kao <clkao at bestpractical.com>
Date:   Wed Nov 4 18:42:00 2009 +0800

    quiet get_keys_info.

diff --git a/lib/RT/Crypt/GnuPG.pm b/lib/RT/Crypt/GnuPG.pm
index e72842e..8c8cadb 100644
--- a/lib/RT/Crypt/GnuPG.pm
+++ b/lib/RT/Crypt/GnuPG.pm
@@ -2012,7 +2012,7 @@ sub get_keys_info {
     close $handle{'stdout'};
 
     $res{'exit_code'} = $?;
-    _res_post_process(\%res, \%handle, {});
+    _res_post_process(\%res, \%handle, { quiet => 1});
     if ( $@ || $? ) {
         $res{'message'} = $@ ? $@ : "gpg exitted with error code " . ( $? >> 8 );
         return %res;

commit cbe6e77512db32c60fcc6fad8106168d0f0b6b7b
Author: Chia-liang Kao <clkao at bestpractical.com>
Date:   Wed Nov 4 18:49:01 2009 +0800

    In Auth::GnuPG, call verify with quiet and handle known errors gracefully, log otherwise as the original behaviour.

diff --git a/lib/RT/Interface/Email/Auth/GnuPG.pm b/lib/RT/Interface/Email/Auth/GnuPG.pm
index 70fdbf3..735e5f0 100644
--- a/lib/RT/Interface/Email/Auth/GnuPG.pm
+++ b/lib/RT/Interface/Email/Auth/GnuPG.pm
@@ -109,13 +109,29 @@ sub get_current_user {
     if (@res) {
         my $decrypted;
         my @status = RT::Crypt::GnuPG::parse_status( $res[0]->{'status'} );
+        my $unhandled_error = 0;
         for (@status) {
+            next if $_->{operation} eq 'key_check';
             if ( $_->{operation} eq 'decrypt' && $_->{status} eq 'DONE' ) {
                 $decrypted = 1;
+                next;
             }
-            if ( $_->{operation} eq 'verify' && $_->{status} eq 'DONE' ) {
-                $args{'message'}->head->add( 'X-RT-Incoming-Signature' => $_->{user_string} );
+            if ( $_->{operation} eq 'verify' ) {
+                if ( $_->{status} eq 'DONE' ) {
+                    $args{'message'}->head->add( 'X-RT-Incoming-Signature' => $_->{user_string} );
+                    next;
+                }
+                elsif ($_->{status} eq 'ERROR') {
+                    # XXX: give a warning too?
+                    next if $_->{reason} eq 'missing public key';
+                }
             }
+            ++$unhandled_error;
+        }
+        if ($unhandled_error) {
+            Jifty->log->debug($res[0]{status});
+            Jifty->log->error($res[0]{message});
+            Jifty->log->error($res[0]{logger});
         }
 
         $args{'message'}->head->add(
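Review bot: A `verify` line with status `ERROR` and reason `missing public key` is skipped by `next` with nothing recorded, so a signed message whose signature could not be checked leaves no trace in the logs. The `# XXX: give a warning too?` comment raises the same question, and I would answer it with at least `Jifty->log->debug("signature not verified: $_->{reason}");` before that `next`. In the `if ($unhandled_error)` block, `$res[0]{message}` and `$res[0]{logger}` are logged unconditionally although either may be unset; a guard such as `Jifty->log->error($res[0]{logger}) if $res[0]{logger};` would avoid logging undef. Only `$res[0]` is inspected, which predates this hunk but also limits what `$unhandled_error` counts if several results are returned.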
@@ -229,6 +245,7 @@ sub check_bad_data {
 sub verify_decrypt {
     my %args = (
         entity => undef,
+        quiet  => 1,
         @_
     );
 

commit bf4abde12098afea3fc88511e343d9da7a3b68a7
Author: Chia-liang Kao <clkao at bestpractical.com>
Date:   Wed Nov 4 18:59:16 2009 +0800

    Expand the gnupg-reverification test to test for public key error notification as well.

diff --git a/t/mail/gnupg-reverification.t b/t/mail/gnupg-reverification.t
index b49a5bf..b6529a1 100644
--- a/t/mail/gnupg-reverification.t
+++ b/t/mail/gnupg-reverification.t
@@ -3,15 +3,16 @@ use strict;
 use warnings;
 
 use RT::Test;
-use Test::More;
-
 plan skip_all => 'GnuPG required.'
     unless eval 'use GnuPG::Interface; 1';
 plan skip_all => 'gpg executable is required.'
     unless RT::Test->find_executable('gpg');
 
-plan tests => 111;
+plan tests => 147;
 
+# the test imports a bunch of signed email but not loading the public
+# keys into the server first.  We then check if the message can be
+# reverified after importing the public keys.
 
 use File::Temp qw(tempdir);
 my $homedir = tempdir( CLEANUP => 1 );
@@ -52,6 +53,11 @@ RT::Test->set_rights(
 
 my ($baseurl, $m) = RT::Test->started_ok;
 ok $m->login, 'we get log in';
+use RT::Test::Email;
+
+#no strict 'refs';
+#*mail_ok = *RT::Test::Email::mail_ok;
+RT::Test->set_mail_catcher;
 
 RT::Test->import_gnupg_key('rt-recipient at example.com');
 
@@ -61,17 +67,30 @@ my $emaildatadir = RT::Test::get_relocatable_dir(File::Spec->updir(),
     qw(data gnupg emails));
 my @files = glob("$emaildatadir/*-signed-*");
 foreach my $file ( @files ) {
-    diag "testing $file" if $ENV{'TEST_VERBOSE'};
-
     my ($eid) = ($file =~ m{(\d+)[^/\\]+$});
     ok $eid, 'figured id of a file';
 
     my $email_content = RT::Test->file_content( $file );
     ok $email_content, "$eid: got content of email";
-
-    my ($status, $id) = RT::Test->send_via_mailgate( $email_content );
-    is $status >> 8, 0, "$eid: the mail gateway exited normally";
-    ok $id, "$eid: got id of a newly created ticket - $id";
+    my ($from) = $email_content =~ m/^From: .*?(.*)$/mg;
+    my ($addr) = Email::Address->parse( $from );
+    diag "testing $file from ".$addr->address if $ENV{'TEST_VERBOSE'};
+
+    my ($status, $id);
+    mail_ok {
+        # XXX: also expect an error from server saying no pubkey.
+        ($status, $id) = RT::Test->send_via_mailgate( $email_content );
+        is $status >> 8, 0, "$eid: the mail gateway exited normally";
+        ok $id, "$eid: got id of a newly created ticket - $id";
+    } {
+        to => $addr->address,
+        subject => qr/We do not have your public key/,
+        body => qr/we do not have your public PGP key/,
+    }, {
+        to => 'root',
+        subject => qr/Some users have problems with public keys/,
+        body => qr/following user/, # XXX: fix me, the user list is not there
+    };
 
     my $ticket = RT::Model::Ticket->new(current_user => RT->system_user );
     $ticket->load( $id );
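Review bot: In `m/^From: .*?(.*)$/mg` the lazy `.*?` can match nothing, so the capture is simply the rest of the line. The `/g` flag in list context also collects every line that starts with `From: `, body included, and only the first is kept. `my ($from) = $email_content =~ m/^From: (.*)$/m;` says the same thing directly. `$addr` is then dereferenced in the `mail_ok` expectations without a check, so an unparsable From line would die mid-loop instead of failing a test; `ok $addr, "$eid: parsed sender address";` would report it, at the cost of adjusting `plan tests`. Whether `Email::Address` is loaded by this file is not visible in the hunk.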

commit df7e0028e475e9a67aaa6e31706d90def1bf0f0f
Author: Chia-liang Kao <clkao at bestpractical.com>
Date:   Wed Nov 4 19:14:03 2009 +0800

    Mark all operation with status DONE as handled.

diff --git a/lib/RT/Interface/Email/Auth/GnuPG.pm b/lib/RT/Interface/Email/Auth/GnuPG.pm
index 735e5f0..417ab5a 100644
--- a/lib/RT/Interface/Email/Auth/GnuPG.pm
+++ b/lib/RT/Interface/Email/Auth/GnuPG.pm
@@ -116,7 +116,7 @@ sub get_current_user {
                 $decrypted = 1;
                 next;
             }
-            if ( $_->{operation} eq 'verify' ) {
+            elsif ( $_->{operation} eq 'verify' ) {
                 if ( $_->{status} eq 'DONE' ) {
                     $args{'message'}->head->add( 'X-RT-Incoming-Signature' => $_->{user_string} );
                     next;
@@ -126,11 +126,15 @@ sub get_current_user {
                     next if $_->{reason} eq 'missing public key';
                 }
             }
+            elsif ($_->{status} eq 'DONE') {
+                next;
+            }
             ++$unhandled_error;
         }
         if ($unhandled_error) {
+            warn "==> with unhandled... ";
             Jifty->log->debug($res[0]{status});
-            Jifty->log->error($res[0]{message});
+            Jifty->log->error($res[0]{stderr});
             Jifty->log->error($res[0]{logger});
         }
 
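Review bot: `warn "==> with unhandled... ";` looks like a leftover debugging line: it writes to STDERR outside the Jifty logger and says nothing about which message or status line triggered it. I would drop it and let the log calls below carry the information. Those calls still log `$res[0]{stderr}` and `$res[0]{logger}` unconditionally, so guards such as `Jifty->log->error($res[0]{stderr}) if $res[0]{stderr};` would keep undef out of the error log.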

commit 4573b44f6388b846af1e8d7ca684619608efd458
Merge: f49b2a6 df7e002
Author: Chia-liang Kao <clkao at bestpractical.com>
Date:   Wed Nov 4 19:52:51 2009 +0800

    Merge branch 'topic/gpg-warning-fixes'
    
    Fix exception handling for incoming signed mails without public key registered with rt.


-----------------------------------------------------------------------

